package cn.itrip.auth.controller;

import java.util.Calendar;

import cn.itrip.auth.service.toKen.TokenService;
import cn.itrip.auth.service.toKen.TokenServiceImpl;
import cn.itrip.auth.service.user.UserService;
import cn.itrip.common.MD5;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import org.springframework.web.servlet.ModelAndView;
import springfox.documentation.annotations.ApiIgnore;
import cn.itrip.beans.dto.Dto;
import cn.itrip.beans.pojo.ItripUser;
import cn.itrip.beans.vo.ItripTokenVO;
import cn.itrip.common.DtoUtil;
import cn.itrip.common.EmptyUtils;
import cn.itrip.common.ErrorCode;

/**
 * 用户登录控制器
 * @author hduser
 *
 */
@Controller
@Api
@RequestMapping(value = "/api")
public class LoginController {

	@Resource
	private UserService userService;

	@Resource
	private TokenService tokenService;

	@ApiOperation(value="用户登录", httpMethod = "POST",
			protocols="HTTP", produces = "application/json",
			response=Dto.class,
			notes="根据用户名,密码进行统一登录")
	@ApiImplicitParams({
			@ApiImplicitParam(paramType="form",required=true,name="name",value="用户名",defaultValue="2227089894@qq.com"),
			@ApiImplicitParam(paramType="form",required=true,name="password",value="密码",defaultValue="123456"),
	})
	@RequestMapping(value="/dologin",method=RequestMethod.POST,produces= "application/json")
	public @ResponseBody Dto dologin(
			@RequestParam String name, @RequestParam String password, HttpServletRequest request) {
		if(EmptyUtils.isNotEmpty(name) && EmptyUtils.isNotEmpty(password)){
			ItripUser user = null;
			try{
				user = userService.login(name.trim(), MD5.getMd5(password.trim(), 32));
			}catch (Exception e){
				e.printStackTrace();
			}
			if(EmptyUtils.isNotEmpty(user)){
				//1.获取token
				String token = tokenService.generateToken(request.getHeader("user-agent"), user);
				//2.保存token
				tokenService.save(token,user);
				//3.返回
				ItripTokenVO tokenVO = new ItripTokenVO(token,Calendar.getInstance().getTimeInMillis()+TokenService.SESSION_TIMEOUT*1000,Calendar.getInstance().getTimeInMillis());
				return DtoUtil.returnDataSuccess(tokenVO);
			}else{
				return DtoUtil.returnFail("用户名密码错误", ErrorCode.AUTH_AUTHENTICATION_FAILED);
			}
		}else {
			return DtoUtil.returnFail("参数错误!", ErrorCode.AUTH_PARAMETER_ERROR);
		}
	}

	@ApiOperation(value="用户注销", httpMethod = "GET",
			protocols="HTTP", produces = "application/json",
			response=Dto.class,
			notes="客户端需在header中发送token")
	@ApiImplicitParam(paramType="header",required=true,name="token",value="用户认证凭据",defaultValue="token:PC-21ec64d6e9cae0917ea4b54bc36809d8-8-20170601100121-699dfc")
	@RequestMapping(value="/logout",method=RequestMethod.GET,produces="application/json",headers="token")
	public @ResponseBody Dto logout(HttpServletRequest request) {
		//验证token
		String token = request.getHeader("token");
		if(!tokenService.validate(request.getHeader("user-agent"),token)){
			return DtoUtil.returnFail("token无效",ErrorCode.AUTH_TOKEN_INVALID);
		}
		try{
			//删除token
			tokenService.delete(token);
			return DtoUtil.returnSuccess("注销成功");
		}catch (Exception e){
			e.printStackTrace();
			return DtoUtil.returnFail(e.getMessage(),ErrorCode.AUTH_TOKEN_INVALID);
		}
	}

}
